9.8

CVE-2025-30026

Medienbericht
The AXIS Camera Station Server had a flaw that allowed
to bypass authentication that is normally required.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AxisCamera Station Version < 5.58.47195
AxisCamera Station Pro Version >= 6.0.25729 < 6.9.47069
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.59% 0.437
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
product-security@axis.com 5.3 0 0
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
09.08.2025 11:36
https://www.axis.com/dam/public/a3/42/92/cve-2025-30026pdf-en-US-485735.pdf
Vendor Advisory